Computer attacks continue to multiply in Quebec. This time, the hackers targeted a subsidiary of Bell Canada in charge of technical support for subscribers. According to the telecommunications giant, they stole confidential information about its employees, including social insurance numbers and medical information.
Posted at 1:06 p.m.
Cybercriminals also compromised lists of customers who obtained assistance from Bell Technical Solutions (BST), including their addresses and phone numbers.
The Press spotted information stolen from the company on the hidden web (dark web). We do not identify the gang of cybercriminals in question to make it difficult for them. The group mentions on its site that it “encrypted” data from August 20, before publishing stolen stolen Thursday.
Some files relate to union grievances and mention the names of employees involved in disputes with the employer.
“An unauthorized third party has taken over files stored in the company’s systems, which include employee information”, explains a memo from the Unifor union to its members at BST, which was obtained The Press.
The text then lists the various elements of employee files that may have been affected: contact details, dates of birth, social insurance numbers, medical and banking information.
The company wants to reassure its customers
Bell ensures for its part on its website “that no database containing customer information, such as credit or debit card numbers, or other banking or financial data, has been affected by the incident “. The company specifies that BST “is working independently of Bell on a different IT system”.
The company adds, however, that hackers may have consulted “the name, address and telephone number” of customers in Quebec and Ontario who made an appointment with a technician.
“We will directly notify anyone whose personal data may have been accessed,” says a page about the cyberattack on the Bell site.
The company adds that for the moment, customers have nothing to do, but it recommends that they be extra vigilant online. She advises them to be wary of unsolicited communications asking for their personal information, to avoid clicking on links or downloading attachments from suspicious emails, and to regularly monitor their accounts.
Bell says it filed a complaint with the Royal Canadian Mounted Police cybercrime unit and notified the Federal Privacy Commissioner.
Cyber attack season
Spring and summer have been particularly trying for cybersecurity in Quebec.
In May, a group of pirates attacked Collège Montmorency in Laval. Then in August he published tens of thousands of files stolen from CEGEP on the hidden web (dark web), revealed The Press September 8. They contain information on internal investigations of employees, medical and psychiatric information, and confidential identifying data on hundreds of individuals.
In August, cybercriminals attacked the Union of Agricultural Producers and the National Institute for Scientific Research. The same month, a serious attack also disrupted for six days the activities of the manufacturer of recreational vehicles BRP, of Valcourt. The hackers have leaked thousands of documents stolen from the Ski-Doo producer, hundreds of which are similar to industrial secrets.
Then on Wednesday evening, hackers managed to penetrate the email inbox of a Ville de Laval employee. The municipality reacted by interrupting several online services for citizens.
An earlier version of the text incorrectly identified the company the hackers hit as “Bell Technical Services.” It’s more like Bell Technical Solutions. Our apologies.